go to https://www.wilderssecurity.com/showthread.php?t=12516 and download 'Hijack This!'.
make sure it is placed into it's own folder, not a temporary folder. Then doubleclick the Hijackthis.exe.
Click the "Scan" button, when the scan is finished the scan button will become "Save Log" click that and save the log.
Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.
It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required,
so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

----
Its the c:\searchpage stuff that the SG keeps alerting me to - in the end - just to help with userbility, I cancelled the messages and most settings changed to reflect the c:\searchpage.html (which is not on my hard drive - at least I don't think it is - its not in that location anyway).

So with all the changes to c:\searchpage, the only thing that i keep getting prompted to change is my startpage now.

Boot into safe mode & Run it
Close all browser windows, click on the cwshredder.exe then click "FIX" (Not "Scan only") and let it do it's thing.
Now as CWS installs via the byte verifier exploit in M$ JavaVM, just surfing a page with an infected applet can install it with no user participation. So once you’ve run the above, it is vital that you go here, click Scan for updates in the main frame, and download and install all CRITICAL updates recommended.

but I do not like the sound of what you typed after that about no user participation.

I do not want to shove even more things on my pc which are harder to control than what I have now.

I am a novice in these things, and am very wary of messing with something at a level that I cannot understand, and would sooner reformat my hard ddrive and start again, as i understand that

When I have scanned everything using CWS, you ask me to go to a website and download all critical updates, but I can't do that in safe mode - I cannot connect to the internet while there.

I am just too nervous to do this at the moment, so would reformatting my hard drive and reinstalling the startup disk I got with this machine sort out the problem on my pc please? If so I will thank you, and do that.

Andy

ps I don't have a zipper on my pc either and it would take hours to download one, which is another reason for asking this.

right click the file and select send to compressed folder, that copies the file and puts in in a zip file in the same folder it exists in

so in this case please right click the C:\WINDOWS\System32\lslt\ folder select send to compressed folder and acopy of that folder will be made in zip format
that will be placed inside the system32 folder, so then make a new email adreesed to the address I gave you earlier and then press insert attachment, and navigate through the folders to the new lslt zip file and press attach

then send it to me

You do all the updates after rebooting normaly when cwshredder has run and cleaned up hopefully.

I am not saying that using CWShredder will put anything on the computer with no user participation
That is HOW you were infected in the first place and even though a complete reformat will cure this problem It is like using a sledgehammer to crack a nut. It doesn't stop the underlying reason you were infected and will leave you open to many more hijacks until you have spent ages reinstalling all antivirus software etc and all windows updates

Reboot into safe mode by following instructions here: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406
then as some of the files or folders you need to delete may be hidden do this:
Open Windows Explorer & Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and untick "hide extensions for known file types" . Now click "Apply to all folders"
Click "Apply" then "OK"